ISACA Certified Information Systems Auditor (CISA)
Vendor: ISACA
Certification: Governance Risk and Security
Content: 705 Qs
Status: Verified
Updated: 21 hours ago
Exam Overview
The ISACA Certified Information Systems Auditor (CISA) certification is globally recognized as the gold standard for IT audit, control, and security professionals. Earning your CISA demonstrates a proven ability to assess vulnerabilities, report on compliance, and institute controls within an enterprise. It validates your expertise in managing IT risks and ensuring the integrity, confidentiality, and availability of information systems. This credential significantly enhances career opportunities, fosters professional credibility, and positions you as a trusted advisor in an increasingly complex digital landscape. CISA holders are essential in safeguarding organizational assets and ensuring robust IT governance, making it a pivotal achievement for anyone serious about a career in information systems auditing and assurance.
Questions: 150
Passing Score: 450/800 (scaled score)
Duration: 240 Minutes
Difficulty: Expert
Level: Professional
Common Questions
Is the material up to date?
Yes. We update our question bank weekly to match the latest ISACA standards. You get free updates for 90 days.
What format do I get?
You get instant access to both the **PDF** (for reading) and our **Premium Test Engine** (for exam simulation).
Is there a guarantee?
Absolutely. If you fail the CISA exam using our materials, we offer a full money-back guarantee.
When do I get the download?
Instantly. The download link is available in your dashboard immediately after payment is confirmed.
Free Study Guide Samples
Previewing updated CISA bank (100 Questions).
Which of the following is the GREATEST benefit of using file integrity monitoring (FIM) when securing critical systems?
Correct Option: C
An organization has determined that a trusted insider has been able to bypass controls and embezzle organizational funds. Which type of audit would be MOST helpful when providing evidence to law enforcement?
Correct Option: D
Which of the following is the BEST protection against forged email?
Correct Option: A
An organization saves confidential information in a file with password protection, and the file is placed in a shared folder. An attacker has stolen this information by obtaining the password through social engineering. Implementing which of the following would BEST enable the organization to prevent this type of incident in the future?
Correct Option: B
An IS auditor is examining cryptographic key management with a focus on ensuring the protection of cryptographic keys against modification and unauthorized disclosure. Which of the following should be reviewed FIRST?
Correct Option: A
Which of the following is the BEST indication of an effective problem management process?
Correct Option: B
A small business unit is implementing a control self-assessment (CSA) program and leveraging the internal audit function to test its internal controls annually. Which of the following is the MOST significant benefit of this approach?
Correct Option: C
Which of the following data controls is MOST helpful in verifying that the data received by an application is the same as the data sent by a remote application?
Correct Option: B
Which of the following would BEST help ensure data integrity during transmission?
Correct Option: A
A business application has crashed, and the database has been restored from backup. To ensure data integrity, which of the following will provide the BEST assurance?
Correct Option: C
Which of the following should be of GREATEST concern for an IS auditor when reviewing user account policies?
Premium Solution Locked
Unlock all 705 answers & explanations
In which of the following system development life cycle (SDLC) phases would an IS auditor expect to find that controls have been incorporated into system specifications?
Which of the following would be of GREATEST concern to an IS auditor reviewing continuous integration / continuous deployment (CI/CD) practices?
An organization's senior management thinks current security controls may be excessive and requests an IS auditor's advice on how to assess the adequacy of current measures. What is the auditor's BEST recommendation to management?
A steering committee established to oversee an organization's digital transformation program is MOST likely to be involved with which of the following activities?
Which of the following controls is the BEST recommendation to prevent the skimming of debit or credit card data in point of sale (POS) systems?
Which of the following should be the GREATEST concern to an IS auditor evaluating an organization's policies?
An IS auditor is performing an audit of a large organization's operating system maintenance procedures. Which of the following findings presents the GREATEST risk?
Which of the following BEST enables an organization's information security team to correlate and aggregate log files from different sources?
During a network security audit, which of the following would an IS auditor consider to be the GREATEST risk?
Which of the following would MOST likely be detailed in an audit charter?
Which of the following is the MOST important consideration when evaluating the data retention policy for a global organization with regional offices in multiple countries?
In planning a major system development project, function point analysis would assist in:
An IS auditor has traced the source of a transaction fraud to the desktop system of an e-business staff member who is on leave. Which of the following is the BEST way for the auditor to ensure the success of the investigation?
Which of the following is the GREATEST benefit of an operational log management system?
An organization's email service is hosted by a third party and the service level agreement (SLA) requires 99.9% availability. An IS auditor finds that the service has not met its availability level for the past five months. Which of the following is the auditor's BEST recommendation?
Which of the following is the PRIMARY objective when encrypting a database?
An IS auditor finds a user account where privileged access is not appropriate for the user's role. Which of the following would provide the BEST evidence to determine whether the risk of this access has been exploited?
Which of the following is PRIMARILY used in data loss prevention (DLP) solutions to prevent the unauthorized transfer of sensitive data over email?
Which of the following should an IS auditor verify FIRST when reviewing operational resilience?
An organization is disposing of a system containing sensitive data and has deleted all files from the hard disk. An IS auditor should be concerned because:
An organization is implementing a new enterprise resource planning (ERP) system. From a system performance management perspective, which of the following would pose the GREATEST concern for an IS auditor?
Which of the following would be of GREATEST concern to an IS auditor providing support to a financial audit team?
Which of the following can only be provided by asymmetric encryption?
During the forensic investigation of a cyberattack involving credit card data, which of the following is MOST important to ensure?
A core system fails a week after a scheduled update, causing an outage that impacts service. Which of the following is MOST important for incident management to focus on when addressing the issue?
Which of the following non-audit activities may impair an IS auditor's independence and objectivity?
Based on best practice, which types of accounts should be disabled for interactive login?
Which of the following is MOST important to consider when developing a service level agreement (SLA)?
An IS auditor evaluating the resilience of a network with a high-availability requirement should be MOST concerned if:
Which of the following controls BEST ensures the integrity of data exchanged between two systems?
During the review of a system disruption incident, an IS auditor notes that IT support staff were put in a position to make decisions beyond their level of authority. Which of the following is the BEST recommendation to help prevent this situation in the future?
Which of the following sampling methods is MOST appropriate when assessing a population to focus on specific risk areas?
To reduce operational costs, IT management plans to reduce the number of servers currently used to run business applications. Which of the following is MOST helpful to review when identifying which servers are no longer required?
Which of the following is the BEST way for an organization to reduce its risk associated with the collection and protection of personal information?
An IS auditor is providing input to an RFP to acquire a financial application system. Which of the following is MOST important for the auditor to recommend?
The quality assurance (QA) team is testing a new e-ticketing application prior to go live to ensure that sales tax is calculated and applied correctly. Which of the following should be of GREATEST concern?
Visitors to a data center are required to present an ID and pre-approved documents. Which type of control has been implemented?
An IS auditor is reviewing an organization's cloud access security broker (CASB) solution. Which of the following is MOST important for the auditor to verify?
When reviewing an organization's enterprise architecture (EA), which of the following is an IS auditor MOST likely to find within the EA documentation?
An IS auditor is reviewing documentation for an IT department procedure for adding a firewall rule. Which of the following should be of GREATEST concern to the IS auditor?
Which of the following is MOST important for an IS auditor to review prior to the migration of acquired software into production?
A disaster recovery plan (DRP) should include steps for:
An IS auditor validates data extracted from an enterprise resource planning (ERP) system to ensure the data meets financial industry standards. Which type of audit is being conducted?
Which of the following should be the PRIMARY focus for any network design that deploys a Zero Trust architecture?
An IS auditor is evaluating the risk associated with moving from one database management system (DBMS) to another. Which of the following would be MOST helpful to ensure the integrity of the system throughout the change?
Which of the following would be an IS auditor's GREATEST concern when reviewing an organization's implementation of a forensic readiness plan?
Which of the following features would BEST address risk associated with data at rest when evaluating a data loss prevention (DLP) solution?
An organization is integrating two systems for real-time API communication. Which of the following is the BEST approach to ensure secure authentication between the two applications before going live?
In operational log management, which of the following BEST ensures the availability of log data?
An IS auditor observes that a large number of departed employees have not been removed from the accounts payable system. Which of the following is MOST important to determine in order to assess the risk?
An IS auditor is reviewing the system development practices of an organization that is about to move from a Waterfall to an Agile approach. Which of the following is MOST important for the auditor to focus on as a result of this move?
Which of the following activities should be separated in an organization's incident management processes?
An IS auditor reviewing an organization's IT systems finds that the organization frequently purchases systems that are incompatible with the technologies already in the organization. Which of the following is the MOST likely reason?
Which of the following should be the PRIMARY consideration when reviewing console logs to assess the effectiveness of an organization's job scheduling process?
Which of the following is the MOST appropriate indicator of change management effectiveness?
Which of the following recommendations would BEST prevent the implementation of IT projects without collaborating with the business?
Which of the following technologies BEST assists in protection of digital evidence as part of forensic investigation acquisition?
Which of the following is an example of shadow IT?
When assessing the overall effectiveness of an organization's disaster recovery planning process, which of the following is MOST important for the IS Auditor to verify?
Which of the following is the PRIMARY benefit of introducing business impact analyses (BIAs) to business resiliency strategies?
After safe evacuation of employees, which of the following should be the HIGHEST priority in disaster recovery planning?
When drafting a disaster recovery strategy, what should be the MOST important outcome of a business impact analysis (BIA)?
Which of the following BEST enables an organization to verify whether an encrypted message sent by a client has been altered?
An organization is experiencing a large number of phishing attacks targeting employees and executives following a press release announcing an acquisition. Which of the following would provide the BEST defense against these attacks?
Which of the following is MOST important for an IS auditor to review to ensure a machine learning algorithm is not overfitting?
An IS auditor learns that individual teams are allowed to implement and manage their use of robotic process automation (RPA). Which of the following controls would BEST enable the IT department to effectively govern the use of end-user computing (EUC) in this situation?
Which of the following is the GREATEST benefit of using statistical sampling techniques?
A call center has an initiative to implement robotic process automation (RPA) technology to replace the current customer inquiry handling system. Which of the following would provide the MOST useful information when auditing the new operational technology?
Which of the following is the PRIMARY role of the IT steering committee?
Which of the following should be of MOST concern to an IS auditor reviewing an organization's IT policies?
Which of the following is a KEY component of a forensic audit?
In a post-implementation review of a recently purchased system, it is MOST important for the IS auditor to determine whether the:
Online banking transactions are being posted to a database when processing suddenly comes to a halt. Which of the following BEST ensures the integrity of the transaction processing?
Which of the following should be done FIRST to optimize operational log management and enable early detection of operational events?
Which of the following is the BEST way to ensure Internet of Things (IoT) devices do not retain default admin passwords?
When reviewing previous disaster recovery test results, which of the following is MOST important for an IS auditor to validate?
During recent post-implementation reviews, an IS auditor has noted that several deployed applications are not being used by the business. The MOST likely cause would be the lack of:
A requirement for biometric access to physical facilities is an example of which type of control?
Which of the following activities would BEST facilitate the improvement of control owner accountability for the expected performance of security controls?
A post-implementation audit has been completed for the deployment of a sophisticated job scheduling tool. Which of the following observations would be of GREATEST concern?
Which of the following is the PRIMARY objective of a service level agreement (SLA)?
Which of the following security testing techniques is MOST effective for confirming that inputs to a web application have been properly sanitized?
Which of the following should an IS auditor recommend be done FIRST when an organization is planning to implement an IT compliance program?
Which of the following methods would BEST help detect unauthorized disclosure of confidential documents sent over corporate email?
Which of the following is the PRIMARY reason to perform user acceptance testing (UAT) prior to production release for a new system?
Which of the following BEST supports an organization's objective of restricting the use of removable storage devices by users?
When auditing the feasibility study of a system development project, the IS auditor should:
Which of the following procedures for testing a disaster recovery plan (DRP) is MOST effective?
Which of the following is the MOST likely outcome for an organization that implements cloud computing?
Customer Reviews
Global Community Feedback
David M.
"The practice engine is incredible. It feels exactly like the real testing environment and helped me build so much confidence."
Sarah J.
"The PDF is very well organized and the explanations for the answers are actually helpful, not just random text."
Michael C.
"I was skeptical, but the content is high quality and definitely worth the price. I passed on my first try!"